Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fixed XSS vunerability in user login. See: http://bort.uservoice.com/…
  • Loading branch information
Jim Neath committed Nov 8, 2008
1 parent b23b508 commit 7c2121b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion app/helpers/application_helper.rb
Expand Up @@ -12,7 +12,7 @@ def title(str, container = nil)
def flash_messages
messages = []
%w(notice warning error).each do |msg|
messages << content_tag(:div, flash[msg.to_sym], :id => "flash-#{msg}") unless flash[msg.to_sym].blank?
messages << content_tag(:div, html_escape(flash[msg.to_sym]), :id => "flash-#{msg}") unless flash[msg.to_sym].blank?
end
messages
end
Expand Down

0 comments on commit 7c2121b

Please sign in to comment.